iangcarroll / cookiemonsterLinks
πͺ CookieMonster helps you detect and abuse vulnerable implementations of stateless sessions.
β956Updated 11 months ago
Alternatives and similar repositories for cookiemonster
Users that are interested in cookiemonster are comparing it to the libraries listed below
Sorting:
- A collection of special paths linked to common sensitive APIs, devops internals, frameworks conf, known misconfigurations, juicy APIs ..eβ¦β1,008Updated last year
- REcollapse is a helper tool for black-box regex fuzzing to bypass validations and discover normalizations in web applicationsβ1,269Updated 4 months ago
- Go client to communicate with Chaos DB API.β803Updated last week
- Web Cache Vulnerability Scanner is a Go-based CLI tool for testing for web cache poisoning. It is developed by Hackmanit GmbH (http://hacβ¦β1,066Updated 3 months ago
- Community edition nuclei templates, a simple tool that allows you to organize all the Nuclei templates offered by the community in one plβ¦β1,032Updated 4 months ago
- The most exhaustive list of reliable DNS resolvers.β916Updated this week
- An exhaustive list of all the possible ways you can chain your Blind SSRF vulnerabilityβ940Updated 4 years ago
- Fetches javascript file from a list of URLS or subdomains.β824Updated 5 months ago
- Accept URLs on stdin, replace all query string values with a user-supplied valueβ854Updated 3 years ago
- MassDNS wrapper written in go to enumerate valid subdomains using active bruteforce as well as resolve subdomains with wildcard filteringβ¦β1,546Updated last week
- Scrape domain names from SSL certificates of arbitrary hostsβ689Updated last year
- Scope aggregation tool for HackerOne, Bugcrowd, Intigriti, YesWeHack, and Immunefi!β1,236Updated last week
- The Bug Bounty Reconnaissance Framework (BBRF) can help you coordinate your reconnaissance workflows across multiple devicesβ640Updated 5 months ago
- HTTP Request Smuggling over HTTP/2 Cleartext (h2c)β767Updated 3 years ago
- Tool for discovering the origin host behind a reverse proxy. Useful for bypassing cloud WAFs!β972Updated last year
- bypass-url-parserβ1,107Updated this week
- Extract URLs, paths, secrets, and other interesting bits from JavaScriptβ1,709Updated last year
- a javascript change monitoring tool for bugbountiesβ703Updated last year
- Obtain GraphQL API schema even if the introspection is disabledβ1,327Updated 3 weeks ago
- Tool to check for dependency confusion vulnerabilities in multiple package management systemsβ773Updated last year
- β530Updated last month
- DNSGen is a powerful and flexible DNS name permutation tool designed for security researchers and penetration testers. It generates intelβ¦β1,034Updated 11 months ago
- Fast and customizable subdomain wordlist generator using DSLβ903Updated 3 weeks ago
- An IIS short filename enumeration toolβ1,054Updated last year
- Escalate your SSRF vulnerabilities on Modern Cloud Environments. `surf` allows you to filter a list of hosts, returning a list of viable β¦β700Updated 2 years ago
- Making Favicon.ico based Recon Great again !β1,253Updated 2 years ago
- A python tool used to discover endpoints, potential parameters, and a target specific wordlist for a given targetβ1,455Updated this week
- β1,066Updated 3 weeks ago
- A Chrome Extension to track postMessage usage (url, domain and stack) both by logging using CORS and also visually as an extension-iconβ1,262Updated last year
- Unleash the power of cloudβ814Updated last year